The manufacturing industry is the most targeted industry for cyberattacks and this has has now been the case for four consecutive years.
A new study from KnowBe4 shows that this combined with the manufacturing sector’s expanding digital footprint is putting operations, intellectual property, and economic resilience at risk from critical vulnerabilities.
With widespread investment in digitization to enable smart factories, the manufacturing industry has made significant strides in enhancing automation and efficiency along production lines. However, this progress has also expanded the attack surface for cybercriminals, who are increasingly exploiting the convergence of operational technology (OT) and information technology (IT) and complex supply chains to exfiltrate the high-value data the sector holds.
See also:
OT security becomes a board priority for enterprises
Back to the office means back to basics on security
The frequency of attacks against manufacturing is on the increase, with the number of confirmed data breaches increasing by 89.2 percent from 2023 to 2024. According to the 2025 Verizon DBIR, ransomware accounted for 47 percent of all breaches in manufacturing, underscoring its dominance as the attack method of choice. European manufacturers remain prime targets for major ransomware groups including LockBit, PlayCrypt, and 8Base.
Human risk remains a critical vulnerability too as social engineering is responsible for 22 percent of breaches in manufacturing organizations.
“With so much focus placed on physical safety and production line reliability, cyberthreats can sometimes fall under the radar,” says Javvad Malik, lead security awareness advocate at KnowBe4. “But many of today’s most devastating breaches do not start with a technical flaw, they start with a human mistake. Whether it is a phishing email, a weak password, or a lapse in procedure, attackers are exploiting people as the path of least resistance. Building cyber resilience in the manufacturing sector is not just about patching systems — it is about empowering employees with the awareness and training to recognize and respond to threats before they escalate. Manufacturers that fail to act now risk not just data loss, but systemic disruption across operations, supply chains, and even national infrastructure.”
You can get the full report from the KnowBe4 site.
Image credit: weerapat/depositphotos.com
